The Drafting the NIST Privacy Framework: Workshop #2 will be held on May 13-14, 2019, at the Georgia Tech Scheller College of Business in Atlanta, Georgia. Feedback is also welcome via email at privacyframework@nist.gov (which will not be posted online). https://www.nist.gov/privacy-framework/working-drafts explains the documents and process to date.

Section 1.3 is Document Overview and contains a list of the following sections:

Section 2.0 describes the Privacy Framework components: the Core, the Profiles, and the Implementation Tiers.

Section 3.0 presents examples of how the Privacy Framework can be used.

Appendix A: Privacy Framework Core presents the Core: a table of functions, categories, and subcategories that describe specific privacy activities that can support managing privacy risks when systems, products, and services are processing data or interacting with individuals.

Appendix F provides a placeholder for a companion roadmap covering NIST’s next steps and identifying key areas where the relevant practices are not well enough understood to enable organizations to achieve a privacy outcome.

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.